package cn.zurish.cloud.security.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

import static org.springframework.security.config.Customizer.withDefaults;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig {
        // 配置安全策略
        @Bean
        public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
            http.
                    authorizeHttpRequests(authorize -> authorize
                            .requestMatchers("/public/**").permitAll()
                            .anyRequest().authenticated()
                    )
                    .formLogin(withDefaults())
                    .logout(withDefaults());
            return http.build();
        }
    }

